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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address - 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

1 )E3 Responsive to communication(s) filed on 10 January 2006 . 
2a)D This action is FINAL. 2b)E3 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1 , 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-5 and 7-21 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) Q Claim(s) is/are allowed. 

6) ^ Claim(s) 1-5 and 7-21 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)K The drawing(s) filed on 15 March 2004 is/are: a)S accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1 .1 21 (d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 
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application from the International Bureau (PCT Rule 17.2(a)). 
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DETAILED ACTION 



Reopening of Prosecution 

1 . In view of the appeal brief filed on January 1 0, 2006, PROSECUTION IS 
HEREBY REOPENED. A new ground of rejection is set forth below as is applied to 
dependent claim 21. 

To avoid abandonment of the application, appellant must exercise one of the 
following two options: 

(1 ) file a reply under 37 CFR 1 .1 1 1 (if this Office action is non-final) or a reply 
under 37 CFR 1.113 (if this Office action is final); or, 

(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .31 followed 
by an appeal brief under 37 CFR 41 .37. The previously paid notice of appeal fee and 
appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth 
in 37 CFR 41.20 have been increased since they were previously paid, then appellant 
must pay the difference between the increased fees and the amount previously paid. 



Response to Arguments 

2. The examiner maintains the rejection of claims 1-20. It is argued by the applicant 
that the combined teachings of Colvin and Mikurak fail to disclose "a registration 
authority operating as a protocol gateway between a device and a certificate authority", 
specifically that Mikurak only recites of an Internet gateway and a Registration Authority. 
The examiner disagrees with the applicant's interpretation of the teachings of Mikurak. 
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Protocol gateways are notoriously well known to one of ordinary skill in the art as be 
responsible for convert the protocols, the transmitted information would be 
incomprehensible upon arrival and gateways allow incompatible networks to 
communicate with one another, see Mikurak col. 67, lines 15-25. The protocol gateway 
operates through the Internet which is connected between the registration authority, 
device, and certificate authority, see Mikurak col. 67, lines 15-25 and Figure 120. 

3. The applicant has not traversed the examiner's use of official notice with regards 
to claims 2,1 1 , and 20. A general allegation has been made by the applicant and the 
applicant has not adequately traversed the examiner use of official notice taken on 
"routers" in the non-final office action mailed on September 21 , 2004. In the 
corresponding response, the applicant must specifically point out the supposed error in 
the examiner's action and the applicant has not included a statement by the noticed fact 
is not considered to be well known in the art. The use of "routers" is taken by the 
examiner to be well known in the prior art since the applicant has not adequately 
challenged the examiner's use of official notice and the use of "routers" is taken to be 
well known to one of ordinary skill in the art since the official notice has not been 
adequately traversed by the applicant in the correspondence filed by the applicant on 
February 22, 2005. Please refer to MPEP 2144.03 (c). 

4. The rejection with respect to dependent claim 21 has been withdrawn in light of 
the teachings of Colvin and Mikurak, however the examiner has applied the teachings of 
Andersson et al, U.S. Patent 6,931 ,016 to that claim. 
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Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

2. Claims 1-5 and 7-20 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Colvin, U.S. Patent 6,044,471 in view of Mikurak, U.S. Patent 6,606,744. 

As per claims 1,10, and 19, it is disclosed by Colvin of a method, apparatus 
(system), and computer readable media containing a plurality of instructions executed 
by a computer (comprising a processor)(col. 1 , lines 62-64 and col. 1 1 , lines 44-46). A 
request is received, from an end-user (requestor), for a password to be used by an end- 
user located on a computer (device) when communicating with administrator 
(registration authority)(col. 4, lines 35-39,61-66). The end-user (requestor) is 
authenticated by an administrator that checks the registration information associated 
with the computer (device)(col. 4, lines 39-41,61-66 and col. 5, lines 6-9). The 
password is generated, storing (by adding) it at a source (password table), and the 
password is sent to the end-user (requestor) for use by the device (col. 3, line 67 
through col. 4, line 2, col. 4, lines 40-42, and col. 6, lines 65-67). The teachings of 
Colvin disclose of an administrator (registration authority), but are silent in disclosing 
that the registration authority operates as a protocol gateway between the device and a 
certificate authority. It is disclosed by Mikurak of a registration authority that acts as a 
protocol gateway that is coupled to receive messages from a certificate authority (col. 
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67, lines 15-19,21-25, col. 269, lines 58-65, and as shown in Figure 120). It is obvious 
to a person of ordinary skill in the art that it would have been obvious to implement the 
usage of a registration authority to act as a protocol gateway between a device and a 
certificate authority. Mikurak recites motivation for the use of a registration authority 
acting as a protocol gateway by disclosing without the use of gateways to convert the 
protocols, the transmitted information would be incomprehensible upon arrival and 
gateways allow incompatible networks to communicate with one another (col. 67, lines 
15-25). It is obvious that the teachings of Colvin would have found this feature 
beneficial in order to convert messages of one protocol to that of another protocol by 
means of a registration authority acting as a protocol gateway, as suggested by 
Mikurak, so that a password can be obtained regardless of multiple systems operating 
on different protocols. 

As per claims 2,1 1, and 20, the teachings of Colvin are shown being embodied 
on a network that is connected across the Internet (as shown in Figure 1 and col. 8, 
lines 1-3). The teachings of Colvin are silent in reciting that a router is used. The 
examiner hereby takes official notice that the use of routers are notoriously well known. 
It would have been obvious to a person of ordinary skill in the art at the time of the 
invention to be motivated to apply means expediting message delivery. The motivation 
for using routers are that they received transmitted messages and forward them to their 
destination over the most efficient route since there are many possible routes that the 
data can be sent. It is obvious that the teachings of Colvin use routers since it is 
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connected across the Internet and so that the most efficient routes can be used to 
transfer information between a user's computer and an administrator. 

As per claims 3 and 12, it is taught by Colvin that the password is generated as a 
random number (col. 3, line 67 through col. 4). 

As per claims 4 and 13, Colvin teaches of the use of encrypting (SSL is a form of 
encryption) communications (receiving, authenticating, and returning) between a user 
that is located at a device and the administrator to ensure that the communications are 
less susceptible to tampering (col. 3, lines 3-5 and col. 4, lines 35-39). 

As per claims 5 and 14, Colvin discloses that the password is kept active for a 
selective amount of time (col. 4, lines 24-27,36-39). 

As per claims 7 and 16, it is disclosed by Colvin that the password is kept active 
for a selected amount of time and then the password is removed from storage 
(password table) after the selected amount of time (col. 4, lines 24-27,36-39 and col. 7, 
lines 32-38). 

As per claims 8 and 17, Colvin teaches of receiving a request from an end-user 
located at a computer (device) that includes a request for a password, checking whether 
the password request is include in the storage location (password table) and processing 
the request if the request password is include in the password table. If the provided 
information doesn't match with the information that is used, the request is rejected (col. 
4, lines 39-41,61-66, col. 5, lines 6-9, and col. 6, lines 65-67). 



Application/Control Number: 1 0/801 ,332 Page 7 

Art Unit: 2131 

As per claims 9 and 18, Colvin discloses that the request password is removed 
from storage (password table) once a new password is issued (col. 9, lines 17-21 and 
col. 6, lines 65-67). 

As per claim 15, it is recited in the teachings of Colvin that the password is kept 
active for a selected amount of and is then invalid after that selected amount of time 
(col. 4, lines 24-27,36-39). 

3. Claim 21 is rejected under 35 U.S.C. 103(a) as being unpatentable over Colvin, 
U.S. Patent 6,044,471 in view of Mikurak, U.S. Patent 6,606,744 in further view of 
Andersson et al, U.S. Patent 6,931 ,016. 

The combined teachings of Colvin and Mikurak fail to disclose of receiving a 
password as part of a subsequent request from the device and comparing the received 
password to the password in the password table to verify that the subsequent request 
actually came from the device. It is taught by Andersson et al of receiving a password 
as part of a subsequent request from the device and comparing the received password 
to the password in the password table to verify that the subsequent request actually 
came from the device (col. 3, line 67 through col. 4, line 6 and col. 4, lines 18-27). It 
would have been obvious to one of ordinary skill in the art at the time of the invention to 
have been motivated to apply authentication checks to routers to ensure that they are 
the correct devices when communicating. The teachings of Andersson et al recite of 
motivation for authenticating the routers by disclosing that by authenticating the router 
through use of passwords, only authenticated routers are allowed to participate in the 
VPN (col. 4, lines 18-27 & 33-40). It is obvious to one of ordinary skill in the art that the 
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combined teachings of Colvin and Mikurak would have been made more secure by 
authenticating a router participating in communications so that it can be properly 
authenticated prior to connecting to the network as is taught by Andersson et al. 



4. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Christopher A. Revak whose telephone number is 571- 
272-3794. The examiner can normally be reached on Monday-Friday, 6:30am-3:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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